Shadow IT refers to the use of unauthorized technology resources by business units without the approval or knowledge of the IT department. This often occurs because business units see the IT department as too slow or bureaucratic to meet their needs, or because of overzealous employees. While business units argue that Shadow IT allows them to achieve goals more quickly, IT departments counter that it poses security and operational risks to the organization. The document recommends that IT departments and business units improve communication and work together collaboratively to resolve issues with Shadow IT in a way that supports both business and technical needs.

1. Bringing IT
out of the shadows

2. What is Shadow IT?
The act of purchasing or using technology for the
workplace without the approval or knowledge of the IT
department is called Shadow IT.

3. Examples
• DevOps team purchasing an instance of a caching
server to balance load bypassing IT in order to not
have users suffer downtime
• Sales team sharing crucial customer data, even
internally, using a personal account of Google Drive
• Using an unauthorised pen drive. Yep!

4. WHY DOES THIS HAPPEN?
• IT Department is considered slow and bureaucratic by
business units in some organizations.
• With the market moving at breakneck speed, business
units don’t want to wait for IT to fulfil service
requests.
• Overzealous employees with (mostly) good intentions
Why does this happen?

5. The catalysts
• Cloud technology
• eCommerce
• Tech savvy credit card toting managers
• Consumerization of technology

6. Is the practice of Shadow IT bad?
Business says
NO.
IT says
YES.

7. Business IT
We
don’t
have
,me
to
fill
forms
If
you
don’t
fill
forms,
there
will
be
miscommunica,on
We
can
do
our
own
tech
research,
thank
you.
We
do
that
too.
And
we
are
paid
to
do
it.
IT
is
s,ll
stuck
in
with
80s
soBware. Stable
soBware,
anyone?
We
have
the
latest
soBware
at
our
finger,ps
Good
luck
troubleshoo,ng.
I’d
rather
take
ad-­‐hoc
decision
to
keep
business
afloat
than
wait
for
IT
Following
processes
is
good
for
the
long
term.

8. Business units
• The need to get things done ASAP.
• Decentralisation of decision making the
norm.
• Decreased bureaucracy
• Lean organisations and flatter hierarchies.

9. IT say
If IT is expected to help you with your tech,
they need to be aware of the techs you use.
If IT is expected to firefight, they also need to
define security guidelines to prevent the fires.
Proactive is the way to go. Reactive is so 2004.

10. Risks involved
• Acquisition of software from dubious sources –
download sites, cloud services with poor security
• Ill-researched information leading to bad tech choices
• Bug infested software
• Obvious data security risks
• Risk of malware or virus infiltrating the corporate
network

11. “By 2015, 35% of enterprise IT
expenditures for most organisations
will be managed outside the IT
department’s budget.” 35% Source

12. How to resolve
• Broad-minded CIO
The CIO is to the IT organization what the CEO is to the business.
• Openness of the IT department
Processes should be designed around the business and not the other way round.
• Communication
Let business know the repercussions of bypassing IT. Earn their respect.
• Protect and to serve
After all, IT can’t fight something if we don’t know what we are fighting.

13. In conclusion
• Shadow IT is necessary evil.
• Look at Shadow IT as something that takes burden off
IT while ensuring necessary processes are followed.
• IT and business units should work together to ensure a
smooth and productive work environment.
Bring IT out of the shadows.

14. This article was originally published in
Learn more about managing assets in your organisation here.
freshservice.com hello@freshservice.com